Tag Archive for: cryptocurrency

Hack Alert: Sharan Hegde’s YouTube Livestream Hacked for Bitcoin Prices – Security Risks in Cryptocurrency Trading


The YouTube account of well-known businessman Sharan Hegde was hacked and used to stream Bitcoin prices live without his permission. The event raised questions about the dangers of trading cryptocurrencies and the security of internet platforms.

The Hacker:

A well-known personality in the cryptocurrency world, Sharan Hegde, discovered with alarm that his YouTube account had been hacked and that illegal broadcasts of Bitcoin prices were going live. In addition to damaging Hegde’s online reputation, the hack had a big impact on his viewers and followers who looked to him for trustworthy analysis and breaking news on the bitcoin sector.

After his YouTube account was hacked, Sharan Hegde’s reputation as a well-known influencer and entrepreneur in the Bitcoin field suffered. In addition to damaging his reputation, the unapproved broadcast of Bitcoin prices caused his fans to have reservations about the security setup on his websites. Known for his skill in cryptocurrency trading, Hegde was met with criticism from unhappy users who doubted his capacity to protect private data and uphold the integrity of his online identity.

Cybersecurity-Related Fears:

Cybersecurity and the vulnerability of internet platforms to attacks have come under fresh attention following the hacking of Sharan Hegde’s YouTube account. As cryptocurrencies gain more popularity, hackers are focusing more on people and businesses that deal with digital currency. The hack is a clear reminder of how important it is to have strong cybersecurity protections in place to guard against illegal access and data theft.

Given the recent attack on Sharan Hegde’s YouTube account, cybersecurity must be given top priority for both individuals and companies involved in the Bitcoin industry. Protecting online platforms from potential threats calls for setting strong passwords, turning on two-factor authentication, and updating security software frequently. Furthermore, keeping an eye out for unusual activity and scams can help reduce the chance of hacking and unauthorised entry.

Restoring Security and Trust:

Following the incident, Sharan Hegde acted quickly to take back…

Source…

RustDoor macOS Backdoor Targets Cryptocurrency Firms with Fake Job Offers


Feb 16, 2024 | Newsroom | Endpoint Security / Cryptocurrency


Several companies operating in the cryptocurrency sector are the target of a newly discovered Apple macOS backdoor codenamed RustDoor.

Bitdefender first documented RustDoor last week, describing it as a Rust-based malware capable of harvesting and uploading files, as well as gathering information about the infected machines. It is distributed by masquerading as a Visual Studio update.

While prior evidence uncovered at least three different variants of the backdoor, the exact initial propagation mechanism remained unknown.

That said, the Romanian cybersecurity firm subsequently told The Hacker News that the malware was used as part of a targeted attack rather than a shotgun distribution campaign, noting that it found additional artifacts that are responsible for downloading and executing RustDoor.


“Some of these first stage downloaders claim to be PDF files with job offerings, but in reality, are scripts that download and execute the malware while also downloading and opening an innocuous PDF file that bills itself as a confidentiality agreement,” Bogdan Botezatu, director of threat research and reporting at Bitdefender, said.

Since then, three more malicious samples that act as first-stage payloads have come to light, each of them purporting to be a job offering. These ZIP archives predate the earlier RustDoor binaries by nearly a month.

The new component of the attack chain – i.e., the archive files (“Jobinfo.app.zip” or “Jobinfo.zip”) – contains a basic shell script that’s responsible for fetching the implant from a website named turkishfurniture[.]blog. It’s also engineered to preview a harmless decoy PDF file (“job.pdf”) hosted on the same site as a distraction.


Bitdefender said it also detected four new Golang-based binaries that communicate with an actor-controlled domain (“sarkerrentacars[.]com”), whose purpose is to “collect information about the victim’s machine and its network connections using the system_profiler and networksetup utilities, which are part of the macOS operating system.”

In addition, the binaries are capable of extracting details about the disk via “diskutil list” as well…

Source…

FBI warns North Korean hackers looking to cash out stolen cryptocurrency worth millions


The FBI is warning cryptocurrency companies to be on the lookout for North Korean cyber thieves cashing out stolen bitcoin valued in the tens of millions of dollars. 

North Korean hackers use cybertheft to circumvent sanctions and fund their regime, with the White House estimating that half of North Korea’s missile program is funded via cryptocurrency heists and cyberattacks. 

The FBI published an alert this week saying North Korean hackers who were responsible for stealing nearly $200 million worth of cryptocurrency in June want to convert digital money into real funds. The bureau published identifiers of the bitcoin for companies to watch for in a warning Tuesday.



“Over the last 24 hours, the FBI tracked cryptocurrency stolen by the Democratic People’s Republic of Korea TraderTraitor-affiliated actors (also known as Lazarus Group and APT38),” the FBI said in the warning. “The FBI believes the DPRK may attempt to cash out the bitcoin worth more than $40…

Source…

North Korean Affiliates Suspected in $40M Cryptocurrency Heist, FBI Warns


Aug 23, 2023 | THN | Cryptocurrency / Cyber Attack


The U.S. Federal Bureau of Investigation (FBI) on Tuesday warned that threat actors affiliated with North Korea may attempt to cash out stolen cryptocurrency worth more than $40 million.

The law enforcement agency attributed the blockchain activity to an adversary the U.S. government tracks as TraderTraitor, which is also known by the name Jade Sleet.

An investigation undertaken by the FBI found that the group moved approximately 1,580 bitcoin from several cryptocurrency heists over the past 24 hours and is currently said to be holding those funds in six different wallets.

North Korea is known to blur the lines among cyber warfare, espionage, and financial crime. TraderTraitor, in particular, has been linked to a series of attacks targeting blockchain and cryptocurrency exchanges with the goal of plundering digital assets to generate illicit revenue for the sanctions-hit nation.


This includes the $60 million theft of virtual currency from Alphapo on June 22, 2023; the $37 million theft of virtual currency from CoinsPaid on June 22, 2023; and the $100 million theft of virtual currency from Atomic Wallet on June 2, 2023, as well as attacks targeting Sky Mavis’ Ronin Network and Harmony Horizon Bridge last year.

The cluster shares overlap with another North Korean group dubbed APT38 (aka BlueNoroff or Stardust Chollima), which, in turn, is part of the larger Lazarus constellation. Google-owned Mandiant, last month, also connected TraderTraitor to UNC4899, a hacking crew attributed to the JumpCloud hack in late June 2023.

According to data compiled by blockchain intelligence firm TRM Labs, North Korean hackers are estimated to have stolen over $2 billion in cryptocurrencies since 2018 as part of a series of 30 attacks, with $200 million stolen in 2023 alone.

“Private sector entities should examine the blockchain data associated with these addresses and be vigilant in guarding against transactions directly with, or derived from, the addresses,” the FBI said.


Source…